Commitment to Security
As a leading travel and expense management platform, we prioritize the privacy and protection of our customers’ data, ensuring that businesses can manage travel with confidence. Our dedication to transparency and collaboration with partners and clients helps us meet and exceed security expectations. We understand that trust is earned, and we are committed to maintaining the highest standards of data security and privacy in everything we do.
Our Security Framework
We've built a multi-layered, defense-in-depth security program designed to protect your data at every level, from the application code to the physical infrastructure.
Application Security
- Secure Software Development Life Cycle (SDLC) embeds security from design to deployment.
- Dedicated security team collaborates with developers to protect against vulnerabilities.
- Regular vulnerability assessments and annual third-party penetration testing.
- Continuous security scans of our codebase to ensure ongoing protection.
Infrastructure & Cloud Security
- Hosted on world-class, secure AWS cloud infrastructure.
- Utilizes isolated Virtual Private Clouds (VPCs) and strict network access controls.
- Employs AWS Key Management Services (KMS) for cryptographic key management.
- Ensures data is stored in a highly reliable, redundant, and protected environment.
Data Encryption
- Data is encrypted in transit using Transport Layer Security (TLS) 1.2 or higher.
- All data at rest is secured with Advanced Encryption Standard (AES-256).
- Protects your information from unauthorized access, both on the wire and in our data centers.
User Access Control
- Supports Single Sign-On (SSO) with leading identity providers like Okta and Microsoft Entra ID.
- Enforces multi-factor authentication (MFA) to prevent unauthorized account access.
- Provides customizable, role-based permissions for granular control over data access.
Compliance & Certifications
Trust and transparency are at the core of our security philosophy. Routespring’s security protocols are regularly audited by independent, third-party organizations, ensuring our continuous compliance with the most stringent global security standards. We are proud to be certified under several internationally recognized security frameworks, demonstrating our commitment to protecting your valuable data.
Demonstrates that we have the necessary internal controls and processes to protect financial data relevant to our customers' financial reporting.
Independently validates the security, availability, processing integrity, confidentiality, and privacy of our systems and data over an extended period.
An international standard for information security management, certifying that we have a comprehensive security management system in place.
The highest level of certification for handling credit card data securely, ensuring that all payment information is protected against fraud.
Your Partner in Security
We view security as a shared responsibility. We are committed to being a transparent partner, providing you with the tools, controls, and information you need to keep your organization secure. Our team is dedicated to staying ahead of emerging threats and continuously improving our security posture. If you have any questions about our security practices or wish to review our compliance documentation, please don't hesitate to reach out to our team. Your trust is our highest priority.
Travel with Peace of Mind
Learn how our comprehensive security measures can protect your company and your travelers.
Request a Security Consultation